Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
11515
Views
0
Helpful
6
Replies

no internet access for vlan devices

Go to solution
tquigley11
Level 1
Level 1

‎04-19-2015 01:25 PM - edited ‎03-07-2019 11:37 PM

Hey folks, 

 

I'm new to cisco and have only recently started study for my ccna. In preperation for this i've gotten my hands on a cisco emi 3550-48 port switch so i can play and test some scenario's. 

Now, I've setup a couple of vlans (200,201 and 202) and i've assigned them to fa0/3, 0/5 a0/7 respectively. i suppose it's irrelevant which ports are assign, they are just the ports i've assigned while typing this. 

 

I know the cisco forums are full of people saying the intervlan routing isnt working and it just turns out to be the static route on the router in the end but i have set all that up and i can not get internet access on my vlan networks. The wierd thing is the switch itself can ping the internet no problem. 

 

Here is my setup : 

 

I've assigned ip addresses as follows :

vlan 200 - 10.10.200.254/24

vlan 201 - 10.10.201.254/24

vlan 202 - 10.10.202.254/24

I then enabled intervlan routing by issueing "IP ROUTING"

 

At this point I configured the VDSL modem/router (zyxel F1000) on IP Address 192.168.1.2/30 and I configured interface fa0/1 with the following commands : 

interface fa0/1

no switchport

ip address 192.168.1.1 255.255.255.252 

no shutdown

 

I then set the default route using : 

ip route 0.0.0.0 0.0.0.0 192.168.1.2

 

Finally I configured three static route's on my Zyxel F1000 modem/router to send traffic back to my three vlans using the gateway 192.168.1.1

 

As i said above, If I plug into fa 0/3 (vlan 200) and lets say I give myself an ip address of 10.10.200.20, 255.255.255.0 and gateway 10.10.200.254. I can ping the othe vlns and devices on the other vlans no problem but bot for love nor money can i get onto the internet. For clarifications sake my dns is set to 8.8.8.8

 

Stranger still is the fact that the switch can ping hostnames and ips on the internet no problem. Has anyone got any ideas what could possibly be wrong?? I'm completely stumped. 

 

Regards, 

Thomas Quigley

1 person had this problem
Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
CiscoMesl
Level 1
Level 1

‎04-20-2015 06:21 AM

As stated by Dennis, a traceroute to 8.8.8.8 from a PC plugged into the switch would be a good starting point.

Can you ping 192.168.1.1 from a PC?
What about 192.168.1.2?

When you ping from the switch itself, I suspect it may be using 192.168.1.1 as a source address.
My thoughts are that the Zyxel may not be setup to NAT from the 10.* range and may only want to NAT the 192.168.* range.

 

View solution in original post

0 Helpful
6 Replies 6

Go to solution
Dennis Mink
VIP Alumni
VIP Alumni

‎04-19-2015 11:46 PM

when you do a traceroute to 8.8.8.8 from your laptop in fa0/3 what is the last good hop?

 

also if you do a extended ping from your switch to 8.8.8.8 source=10.10.200.254  do you get a response?

 

 

Please remember to rate useful posts, by clicking on the stars below.

0 Helpful

Go to solution
tquigley11
Level 1
Level 1
In response to Dennis Mink

‎04-20-2015 06:26 AM

Hey guys,

 

Thanks for the speedy replies. I have been trying this for about 2 weeks now and last night after posting this message to the cisco forums I got my hands on an old Sonicwall router. I decided to test the connection using this as I suspected that Zyxel router is buggy. 

I setup a PPPoE connection on the sonicwall and set that up as my default route matching exactly the ip settings listed above and it worked immediately. 

 

I knew the setup I had ran above was right it was just tormenting me that it wouldn't work. Turns out its the piece of crap Zyxek VDSL modem. 

 

Thanks for taking the time to read my post and offer advice. 

 

Cheers, 

TQ

0 Helpful

Go to solution
devils_advocate
Level 7
Level 7
In response to tquigley11

‎04-20-2015 11:25 PM

Glad its working.

I still suspect the Zyxel was not setup to NAT the 10.0.0.0 /8 networks and its probably that the Sonicwall does.

You did the right thing in trying another device, intervendor working is not always seamless.

Especially when using heathen brands like Zxyel ;)

0 Helpful

Go to solution
tquigley11
Level 1
Level 1
In response to devils_advocate

‎04-21-2015 02:20 AM

Hi devils_advocate, 

I actually went back at this and configured a NAT rule for the 10.10.0.0/16 network on the zyxel in the hope that maybe it could have been a NAT configuration issue but still got nothing on it. 

 

Regardless, I have gotten what I was attempting to work and I'm happy with that. 

 

regards

TQ

0 Helpful

Go to solution
devils_advocate
Level 7
Level 7
In response to tquigley11

‎04-21-2015 02:23 AM

At least you tried, well done for persisting :)

0 Helpful

Go to solution
CiscoMesl
Level 1
Level 1

‎04-20-2015 06:21 AM

As stated by Dennis, a traceroute to 8.8.8.8 from a PC plugged into the switch would be a good starting point.

Can you ping 192.168.1.1 from a PC?
What about 192.168.1.2?

When you ping from the switch itself, I suspect it may be using 192.168.1.1 as a source address.
My thoughts are that the Zyxel may not be setup to NAT from the 10.* range and may only want to NAT the 192.168.* range.

 

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card